package com.basis.shiro;

import java.util.HashSet;
import java.util.List;
import java.util.Set;

import org.apache.shiro.authc.AccountException;
import org.apache.shiro.authc.AuthenticationException;
import org.apache.shiro.authc.AuthenticationInfo;
import org.apache.shiro.authc.AuthenticationToken;
import org.apache.shiro.authc.SimpleAuthenticationInfo;
import org.apache.shiro.authc.UsernamePasswordToken;
import org.apache.shiro.authz.AuthorizationInfo;
import org.apache.shiro.authz.SimpleAuthorizationInfo;
import org.apache.shiro.realm.AuthorizingRealm;
import org.apache.shiro.subject.PrincipalCollection;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;

import com.baomidou.mybatisplus.core.conditions.query.QueryWrapper;
import com.basis.contants.UserStatusEnum;
import com.basis.entity.SysUser;
import com.basis.service.ISysUserService;
import com.basis.utils.CryptoUtils;
import com.basis.utils.ShiroUtil;


/**      
 * @Description:   shiro用户校验授权类
 * @author:        lxd
 * @date:          2019年11月26日 下午4:44:02     
 */ 
public class ShiroRealm extends AuthorizingRealm {

    private static final Logger log = LoggerFactory.getLogger(ShiroRealm.class);

    @Autowired
    private ISysUserService sysUserService;

    
    /**   
     * @Description:   权限验证
     * @author:        lxd  
     * @date:          2019年11月27日 上午10:13:05  
     */
    @Override
    protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principalCollection) {
        List<String> auths = sysUserService.queryAuth4User(ShiroUtil.getUser().getId());
        Set<String> set = new HashSet<>();
        SimpleAuthorizationInfo info = new SimpleAuthorizationInfo();
        for (String auth : auths) {
            set.add(auth);
        }
        info.setStringPermissions(set);
        return info;
    }

    
    /**   
     * @Description:   登录认证
     * @author:        lxd  
     * @date:          2019年11月27日 上午10:12:58  
     */
    @Override
    protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken authenticationToken) throws AuthenticationException {
        UsernamePasswordToken token = (UsernamePasswordToken) authenticationToken;
        String userName = token.getUsername();
        String password = String.valueOf(token.getPassword());
        QueryWrapper<SysUser> query = new QueryWrapper<SysUser>();;
        query.eq("user_name", userName);
        SysUser sysUser = sysUserService.getOne(query);
        if (sysUser == null) {
        	log.error("该用户不存在");
            throw new AccountException("该用户不存在");
        }
        if (!CryptoUtils.verify(password, sysUser.getUserPwd())) {
        	log.error("密码错误");
            throw new AccountException("密码错误");
        }
        if (sysUser.getStatus().equals(UserStatusEnum.UNENABLE.getCode())) {
        	log.error("该账户已被禁用,请联系管理员");
            throw new AccountException("该账户已被禁用,请联系管理员");
        }
        return new SimpleAuthenticationInfo(sysUser, password, getName());
    }
}
